01000: Memory Dump
By: CainA theory of mine was to dump the memory and it's contents to the screen, a file, or whatever. It didn't work, well, almost. Anyway, here it goes.
Dump the memory of a *nix system into a file for examination. You could find anything left behind from any operations or running processes, as in passwords, usernames, anything incriminating, or just to have fun. Anyway I wrote a small program to try to accomplish this and it doesn't work. The program is at the end of the file. Don't laugh at me for this. I'm not used to working with memory and don't know how linux handles it. Therefore as the good little hacker that I am, I hacked up a little program to try to help me with my journeys. I did all sorts of other things like trying to allocate 8 megs of memory and that shit for about 3 hours. Playing with code isn't that fun after the first hour of no success. The only thing I found amusing was when it dumps the core, you can read it very nicely (I think) with less (better then more):
cain@cain.com $ less core
It shows all the shit that your doing and that you have in memory, but nothing else. This leads me to some weird theories. I may be totally wrong, please tell me if I am.
Theory: There are NO uid's on memory.
Reason: A core file was still created no matter whether I was root or just a regular user. If I was root, I was still denied certain memory access, this leads me to believe that the kernel says "You don't own it, you can't see it."
Theory: Memory is dynamically allocated, then cleared.
Reason: It's the only safe way to control access. It's common knowledge that if you save a password to a variable then never set the variable back to NULL, it can be read using a pointer. I have learned of linked lists in Comp Sci AP. I hate them and they hate me. I will find a good use of them even if they kill me. It has to be dynamically allocated, if you have a static memory area, you couldn't do much.
Theory: I've been wasting my time
Reason: I have seen nothing interesting. I have seen my global variables, program output, and other things, but nothing useful, and nothing about other people in the memory.
Now remember, I am not good with memory. I'm not an efficient programmer. I'm a hacker. Things are supposed to work, not look pretty. I don't comment my code, it was hard to write, it should be hard to understand. Oh yes, if you have anything about this that I don't know, please tell me.
/* Cut here */
// This does nothing but dump
// the core. Have phun.
struct ptr image not found;
struct ptr *head, *current, *new;
main()
image not found
while( current->next != (struct ptr *)NULL );
}
/* Cut here */
Dump the memory of a *nix system into a file for examination. You could find anything left behind from any operations or running processes, as in passwords, usernames, anything incriminating, or just to have fun. Anyway I wrote a small program to try to accomplish this and it doesn't work. The program is at the end of the file. Don't laugh at me for this. I'm not used to working with memory and don't know how linux handles it. Therefore as the good little hacker that I am, I hacked up a little program to try to help me with my journeys. I did all sorts of other things like trying to allocate 8 megs of memory and that shit for about 3 hours. Playing with code isn't that fun after the first hour of no success. The only thing I found amusing was when it dumps the core, you can read it very nicely (I think) with less (better then more):
cain@cain.com $ less core
It shows all the shit that your doing and that you have in memory, but nothing else. This leads me to some weird theories. I may be totally wrong, please tell me if I am.
Theory: There are NO uid's on memory.
Reason: A core file was still created no matter whether I was root or just a regular user. If I was root, I was still denied certain memory access, this leads me to believe that the kernel says "You don't own it, you can't see it."
Theory: Memory is dynamically allocated, then cleared.
Reason: It's the only safe way to control access. It's common knowledge that if you save a password to a variable then never set the variable back to NULL, it can be read using a pointer. I have learned of linked lists in Comp Sci AP. I hate them and they hate me. I will find a good use of them even if they kill me. It has to be dynamically allocated, if you have a static memory area, you couldn't do much.
Theory: I've been wasting my time
Reason: I have seen nothing interesting. I have seen my global variables, program output, and other things, but nothing useful, and nothing about other people in the memory.
Now remember, I am not good with memory. I'm not an efficient programmer. I'm a hacker. Things are supposed to work, not look pretty. I don't comment my code, it was hard to write, it should be hard to understand. Oh yes, if you have anything about this that I don't know, please tell me.
/* Cut here */
// This does nothing but dump
// the core. Have phun.
- nclude <stdio.h>
struct ptr image not found;
struct ptr *head, *current, *new;
main()
image not found
while( current->next != (struct ptr *)NULL );
}
/* Cut here */
Back Next
